SPLK-ISITSI - Implementing Splunk IT Service Intelligence 4.15

This 18-hour course is designed for administrator users who will implement Splunk IT Service Intelligence for analysts to use. The first day includes the day of content from Using Splunk IT Service Intelligence.

Duration: 4.0 days

Enquire Now

Start learning today!

Click Hereto customize your Training


  • IT Service Intelligence analyst user training
  • Designing and implementing Services and Searches
  • Defining and Adding Entities
  • Defining Service Templates, and User Access
  • Using Predictive Analytics
  • Creating and Defining Correlation Searches and Event Aggregation


Module 1 – Designing Services

  • Plan ITSI services
  • Design service KPI properties
  • Identify entity-oriented KPIs
  • Identify dependencies between services

Module 2 – Data Audit and Base Searches

  • Analyze a data environment
  • Identify necessary data sources for KPIs
  • Plan data intake for IT Service Intelligence configuration
  • Implement base searches to support service design

Module 3 – Access Control

  • Identify ITSI roles and capabilities
  • Describe service level roles and team ownership
  • Control access to ITSI views

Module 4 – Implementing Services

  • Use a service design to implement services in ITSI
  • Create KPIs using base searches
  • Configure basic KPI settings for calculation and aggregation
  • Configure KPI lag and backfill
  • Set KPI importance
  • Calculate service health score

Module 5 – Entities

  • Define entities and entity types
  • Creating and importing entities
  • Creating a service using pre-built KPIs
  • Associate entities with an existing service
  • Delete or retire entities
  • Define and use pseudo entities
  • Monitoring entities

Module 6 – Templates and Dependencies

  • Define service template use cases
  • Create service templates
  • Create new services from templates
  • Create dependencies between services

Module 7 – Thresholds and Time Policies

  • Configure KPI thresholds
  • Use aggregate and entity-level thresholds
  • Use static and adaptive thresholds
  • Apply time policies to thresholds
  • Create custom threshold templates

Module 8 – Anomaly Detection and Predictive Analytics

  • Define anomaly detection
  • Define predictive analytics
  • Configure anomaly detection for KPIs
  • Configure predictive analytics for services

Module 9 – Correlation Searches and Multi-KPI Alerts

  • Define new correlation searches
  • Define Multi-KPI alerts
  • Manage notable event storage

Module 10 – Aggregation Policies

  • Define aggregation policy capabilities
  • Modify the default aggregation policy
  • Understand Smart Mode
  • Create new aggregation policies
  • Use aggregation policies to automate notable event response


  • Splunk Administrator
  • Developer
  • User
  • Knowledge Manager
  • Architect


To be successful, students should have a working understanding of the following courses:

Either these completed Certification Paths

  • Splunk Enterprise System Administration
  • Splunk Enterprise Data Administration

Or These Courses

  • What is Splunk?
  • Intro to Splunk
  • Using Fields
  • Visualizations
  • Introduction to Knowledge Objects
  • Creating Knowledge Objects
  • Creating Field Extraction



Course Benefits

  • Career growth
  • Broad Career opportunities
  • Worldwide recognition from leaders
  • Up-to Date technical skills
  • Popular Certification Badges

Splunk Popular Courses


This "Fast Start" course covers over 60 commands and functions and prepares students to be search experts.


This course prepares security practitioners to use SOAR to respond to security incidents.


This course focuses on creating inputs, chain searches, event annotations, and improving dashboard performance.


This course focuses on dashboard creation, including prototyping, the dashboard definition, layouts types, adding visualizations, and dynamic coloring.
Enquire Now
By clicking "Submit", I agree to the Terms Of Use and Privacy Policy